﻿//-----------------------------------------------------------------------------
// Filename: PasswordRetreiver.cs
//
// Description: retreive forgotten passwords for SIP Switch users
// 
// History:
// 22 Oct 2007	Guillaume Bonnet	    Created.
//
// License: 
// This software is licensed under the BSD License http://www.opensource.org/licenses/bsd-license.php
//
// Copyright (c) 2007 Aaron Clauson (aaronc@blueface.ie), Blueface Ltd, Dublin, Ireland (www.blueface.ie)
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without modification, are permitted provided that 
// the following conditions are met:
//
// Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 
// Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following 
// disclaimer in the documentation and/or other materials provided with the distribution. Neither the name of Blue Face Ltd. 
// nor the names of its contributors may be used to endorse or promote products derived from this software without specific 
// prior written permission. 
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, 
// BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
// IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, 
// OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, 
// OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 
// OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
// POSSIBILITY OF SUCH DAMAGE.
//-----------------------------------------------------------------------------

using System;
using System.Collections;
using System.Collections.Generic;
using System.Data;
using System.Text;
using System.Web;
using System.Xml;
using log4net;
using MaverickLite.Security;
using BlueFace.Sys;


namespace SIPSwitch.Web
{
    public class PasswordRetriever : SecureXmlController
    {
        private Hashtable subscriptionData = null;
        private static ILog d_logger = log4net.LogManager.GetLogger("PasswordRetreiver");
        private static string m_adminEmail = AppState.GetConfigSetting("SIPSwitchAdminEmail");
        private StorageLayer m_storagelayer;
        private static string m_dbConnectionStr = AppState.GetConfigSetting("SIPSwitchDBConnStr");
        private static StorageTypes m_StorageType = StorageTypes.Postgresql;

        public PasswordRetriever(XmlElement initParams): base(initParams)
        {
            m_storagelayer = new StorageLayer(m_StorageType, m_dbConnectionStr); 
        }

        protected override void InitialiseRequest(HttpContext context)
        {
            base.InitialiseRequest(context);            
            subscriptionData = MavRequestState.GetRequestData();
        }

        public override void BuildPageModel()
        {
            try
            {
                string security = (subscriptionData["passwordtoretrieve"] != null) ? subscriptionData["passwordtoretrieve"] as string : null;
                if (security != null)
                {
                    string useremail = (subscriptionData["useremail"] != null) ? subscriptionData["useremail"] as string : null;
                    string mailbody = null;
                    DataSet set = null;
                    set = m_storagelayer.GetDataSet("SELECT * FROM Customers WHERE emailaddress='" + useremail + "'");  // check table and fields !
                    int setCount = set.Tables[0].Rows.Count;
                    string connectionSettings = null;
                    string username = null;
                    if (setCount != 0)
                    {
                        int i = 0;
                        for (i = 0; i < setCount; i++)
                        {
                            connectionSettings += "Username : ";
                            connectionSettings += set.Tables[0].Rows[i]["username"].ToString();
                            username = set.Tables[0].Rows[i]["username"].ToString();
                            connectionSettings += " --- ";
                            connectionSettings += "Password : ";
                            connectionSettings += set.Tables[0].Rows[i]["password"].ToString();
                            connectionSettings += " \n";
                        }
                        // Email results
                        mailbody = "Hi, " + username;
                        mailbody += "\nWe retrieved your My SIP Switch account details for you. \n\n";
                        mailbody += connectionSettings;
                        mailbody += "\n\n";
                        mailbody += "Thanks for using My SIP Switch \nMy Sip Switch team";

                        logger.Info("PasswordRetriever: Retrieved account details for " + username);
                        Email.SendEmail(useremail, m_adminEmail, "My SIP Switch Password", mailbody);

                        m_pageModel.AddToModel("<page><status>An e-mail has been sent with your password. Thanks.</status></page>", true);

                        // Sending the amount of My SIP Switch users to me
                        set = m_storagelayer.GetDataSet("SELECT count(*) FROM Customers");
                        Email.SendEmail(m_adminEmail, m_adminEmail, "My SIP Switch has " + set.Tables[0].Rows[0][0] + " users", "wicked!");
                    }
                    else
                    {
                        m_pageModel.AddToModel("<page><status>We can not find this e-mail in our database, sorry. You will need to contact our admins via the forum.</status></page>", true);
                        logger.Info("PasswordRetriever : A user wanted to get a password on an unknown e-mail");
                    }

                    
                }
            }
            catch (Exception passwrdretreiveEx)
            {
                logger.Error("PasswordRetriever error " + passwrdretreiveEx);
                Email.SendEmail(m_adminEmail, "PasswordRetreiver", "My SIP Switch Password exception ", passwrdretreiveEx.Message);
            }
        }
    }
}
